class LoginsController < ApplicationController

  def index       
  end

  def login   
    if User.authenticate(params[:user])    
      user = User.find_by_login(params[:user][:login])
      set_user(user)    
      if session[:return_to]
        redirect_to session[:return_to]
        session[:return_to] = nil
        return
      else
        redirect_to "/"
      end
    else
      redirect_to :action => "index", :login => "failed"
    end 
  end
  
  def logout
    user = User.find(session[:user_id])
    if user
      user.forget_me
    end
    session[:user_id] = nil
    redirect_to "/"
  end

  def signup
    redirect_to :action => "index" unless APP_SETTINGS[:allow_user_signup]
    @user = User.new    
  end
  
  def create_user
    return unless APP_SETTINGS[:allow_user_signup]    
    @user = User.new(params[:user])
    if @user.save
      set_user(@user)
      flash[:notice] = 'User was successfully created.'
      redirect_to "/" 
    else
      render :action => "signup" 
    end   
  end
end